(Reuters) - Advanced hacking attacks by groups such as Anonymous and the prevalence of mobile devices like Apple Inc’s iPhone are spurring demand for more sophisticated protection, making niche network security firms prime takeover targets, analysts and experts said.
“Mergers and acquisitions will become more prominent,” said Ben Ramirez, an analyst at Frost and Sullivan. “Predators will be those with high capital expenditures and high market share and the prey will be those that have little market share and weak product diversification.”
Dell Inc recently purchased network and data security products maker SonicWall. Juniper Networks bought privately held Mykonos Software for $80 million in February, and last year Intel completed its $7.7 billion purchase of McAfee.
Fortinet, a provider of network security appliances, security software maker F5 Networks Inc, and data security company Imperva Inc are some of the companies that sources said are potential targets.
“An interesting play might be if HP would pick up a player like Fortinet,” said Lawrence Pingree, a network security analyst at research firm Gartner.
Representatives for Hewlett Packard declined comment. Fortinet and F5 Networks were not immediately available for comment, and Imperva declined comment.
As companies increasingly use Web-based applications more elaborate security features will be needed within firewalls.
“The proliferation of smartphones, iPads, netbooks, and other mobile devices connected 24/7 to the Internet is driving companies to reassess how critical infrastructure in HQ, branch offices, remote offices, and data centers is protected from malware,” said Jeff Wilson, a security analyst at Infonetics.
Traditional security defenses used by large companies leave blind spots that provide “a big doorway for cyber criminals to walk through”, according to Websense Security Labs.
Despite high profile cyber attacks on companies such as Lockheed Martin Corp, Google Inc and Citigroup, less than 5 percent of corporate Internet connections are secured using next generation firewalls (NGFW) that allow greater and more specific control over every aspect of a network, according to a Gartner report.
By the end of 2014 that number is expected to swell to 35 percent.
But researching and developing new security features is expensive, so rather than building organically most vendors of network security will opt for acquisitions of small and medium-sized network security companies, said Frost and Sullivan analyst Ramirez.
According to Gartner, large network equipment providers and Internet Technology companies will also be looking for acquisitions to add network security to their portfolios as a way of keeping up with Cisco Systems in the infrastructure market.
Deutsche Bank analyst Brian Modoff wrote in a recent research report that the roughly $6 billion security equipment market was still very fragmented and in flux, creating an opportunity for IT vendors.
Cisco has the largest share in the network security market with around 30 percent, followed by Israel’s Check Point Software Technologies and Juniper Networks. California-based Palo Alto Networks, which is poised to go public this year, is growing rapidly.
Consolidation may be hampered, however, by the cost of acquisitions paid for by cash held overseas.
“What makes me hesitant is the amount of cash companies have outside the U.S.,” said Zeus Kerravala, founder of ZK Research.
Some large multinationals defer paying taxes on foreign profits by keeping them abroad instead of bringing them home, or repatriating them. An estimated $1.2 trillion to $1.5 trillion in U.S. corporate profits is parked abroad, allowing companies to avoid income tax.
If that money was repatriated, corporations would have to pay the 35 percent top corporate tax rate on it.
“Say Cisco would want to buy F5Networks with a 30 percent premium, that would be roughly $10 billion to $12 billion. Repatriate cash and you’re looking at $15 billion. I think that’s why Fortinet is still a standalone company,” Kerravala said.
Cisco, which has said it was back on the acquisition path, declined to comment.
Reporting By Nicola Leske; Editing by Peter Lauria This story has been corrected to read $80 million instead of $800 million in paragraph three